Report: CNP Fraud Going Up, Regardless of EMV

A Javelin study predicts that Card Not Present fraud will be little affected by EMV migration.

One of the biggest concerns surrounding the US migration to EMV (Europay, MasterCard, and Visa) is that experts often predict it will lead to an increase in Card Not Present (CNP) fraud. That prediction played out previously in other countries that switched to EMV. After EMV was implemented, making it more difficult to commit to counterfeit card transactions at the point of sale, fraudsters moved their business to e-commerce sites and online transactions.

One of the most oft-cited examples of this trend was the UK’s switch to EMV in 2004 and 2005. Online card fraud jumped from £117 million in 2005 (when EMV was fully implemented) to £155 million in 2006, and then up to £178 million (US$283 million) in 2007.

A recent report from Javelin Strategy & Research predicted that Card Not Present will increase dramatically over the next few years. But little of that growth will be because of the switch to EMV. The e-commerce space has evolved since the UK, Australia, and others switched to EMV and saw big jumps in CNP fraud, the report pointed out. Online transactions will see explosive growth over the next few years, and that will in turn drive a large increase in CNP fraud, unless online fraud prevention solutions are more widely implemented among e-commerce businesses, the report warned.

“Card Not Present fraud is just happening. In Europe, EMV deployments were correlated with increases in Card Not Present fraud,” Nick Holland, senior analyst at Javelin and author of the report, remarked. “That mythology has been transcribed to the US market. Retailers think that if you bring in EMV, they will get a net negative. They think you’re just moving fraud to online.”

If Javelin’s predictions are correct, those retailers will need to be worried about CNP fraud rising regardless of whether or not EMV is implemented. If EMV is implemented, Javelin said that CNP fraud would jump from $9 billion last year to $18.6 billion in 2018. But if EMV isn’t implemented, then Javelin projected that CNP fraud would still increase to $18.4 billion in 2018. Most of that growth in CNP fraud will be because e-commerce transactions will increase from $351.9 billion last year to $486.3 billion in 2018, Javelin predicted.

Also, even though Javelin predicted that EMV implementation would cause CNP fraud to go up an extra $200 million in 2018, in-person fraud at the point of sale would decrease by $1.5 billion by that time with EMV. So EMV would be a big net positive for retailers, according to the report’s projections.

The rise in CNP fraud will require online retailers to up their game in fraud prevention, Holland suggested. Solutions exist today to help mitigate fraud in online transactions, like tokenization and encryption. But those solutions need to be more widely implemented, which won’t likely happen unless retailers are incentivized to deploy them, he said.

“The biggest issue in e-commerce today is abandonment. They don’t want to introduce extra steps [to the checkout process]. There has to be a balance between a secure online environment and not making it difficult for the user [to complete a purchase],” Holland told us. “It could be advantageous to give the online retailers a break on interchange if they are doing the right thing security wise. [The banks] can help them with the cost of CNP interchange, which goes back to CNP fraud risk. It should be some carrot, and not the stick all the time.”

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio